cnvd - cnvd-2022-06913

CNVD-2022-06913

Vulnerability from cnvd - Published: 2022-01-26

Title

Kentico跨站脚本漏洞（CNVD-2022-06913）

Description

Kentico是美国Kentico公司的一套基于ASP.NET的内容管理系统（CMS）。 Kentico Xperience CMS存在安全漏洞，该漏洞源于Kentico Xperience CMS 13.0 13.0.43版本容易出现持久的跨站脚本(XSS)漏洞(也称为存储或二阶XSS)。攻击者可利用该漏洞执行客户端代码。

Severity

低

Patch Name

Kentico跨站脚本漏洞（CNVD-2022-06913）的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://appcheck-ng.com/persistent-xss-kentico-cms/

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-43991

Impacted products

Name
Kentico xperience >=13.0.0，<=13.0.43

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-43991"
    }
  },
  "description": "Kentico\u662f\u7f8e\u56fdKentico\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eASP.NET\u7684\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\uff08CMS\uff09\u3002\n\nKentico Xperience CMS\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eKentico Xperience CMS 13.0 13.0.43\u7248\u672c\u5bb9\u6613\u51fa\u73b0\u6301\u4e45\u7684\u8de8\u7ad9\u811a\u672c(XSS)\u6f0f\u6d1e(\u4e5f\u79f0\u4e3a\u5b58\u50a8\u6216\u4e8c\u9636XSS)\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u5ba2\u6237\u7aef\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://appcheck-ng.com/persistent-xss-kentico-cms/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-06913",
  "openTime": "2022-01-26",
  "patchDescription": "Kentico\u662f\u7f8e\u56fdKentico\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eASP.NET\u7684\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\uff08CMS\uff09\u3002\r\n\r\nKentico Xperience CMS\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eKentico Xperience CMS 13.0 13.0.43\u7248\u672c\u5bb9\u6613\u51fa\u73b0\u6301\u4e45\u7684\u8de8\u7ad9\u811a\u672c(XSS)\u6f0f\u6d1e(\u4e5f\u79f0\u4e3a\u5b58\u50a8\u6216\u4e8c\u9636XSS)\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u5ba2\u6237\u7aef\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Kentico\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2022-06913\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Kentico xperience \u003e=13.0.0\uff0c\u003c=13.0.43"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-43991",
  "serverity": "\u4f4e",
  "submitTime": "2021-12-07",
  "title": "Kentico\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2022-06913\uff09"
}

CVE-2021-43991 (GCVE-0-2021-43991)

Vulnerability from cvelistv5 – Published: 2021-12-03 14:42 – Updated: 2024-08-04 04:10

Summary

The Kentico Xperience CMS version 13.0 – 13.0.43 is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data.

Severity ?

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

CWE

CWE-79 - Cross-site Scripting (XSS)

Assigner

AppCheck

References

URL

Tags

https://appcheck-ng.com/persistent-xss-kentico-cms/

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Kentico	Kentico Xperience XMS	Affected: 13.0 , < 13.0.43 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:10:17.117Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://appcheck-ng.com/persistent-xss-kentico-cms/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Kentico Xperience XMS",
          "vendor": "Kentico",
          "versions": [
            {
              "lessThan": "13.0.43",
              "status": "affected",
              "version": "13.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Kentico Xperience CMS version 13.0 \u2013 13.0.43 is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross-site Scripting (XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-03T14:42:31",
        "orgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
        "shortName": "AppCheck"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://appcheck-ng.com/persistent-xss-kentico-cms/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Persistent XSS via Avatar Upload in Kentico Xperience CMS",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@appcheck-ng.com",
          "ID": "CVE-2021-43991",
          "STATE": "PUBLIC",
          "TITLE": "Persistent XSS via Avatar Upload in Kentico Xperience CMS"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Kentico Xperience XMS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "13.0",
                            "version_value": "13.0.43"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Kentico"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Kentico Xperience CMS version 13.0 \u2013 13.0.43 is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79 Cross-site Scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://appcheck-ng.com/persistent-xss-kentico-cms/",
              "refsource": "MISC",
              "url": "https://appcheck-ng.com/persistent-xss-kentico-cms/"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
    "assignerShortName": "AppCheck",
    "cveId": "CVE-2021-43991",
    "datePublished": "2021-12-03T14:42:31",
    "dateReserved": "2021-11-17T00:00:00",
    "dateUpdated": "2024-08-04T04:10:17.117Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2022-06913

CVE-2021-43991 (GCVE-0-2021-43991)

Tags

Sightings

Nomenclature